eHAC Data Breach Exposes Users Personal Information
Translator
Editor
1 September 2021 13:21 WIB
TEMPO.CO, Jakarta - A recent report by vpnMentor researchers, Noam Rotem and Ran Locar, suggests that the Indonesian Health Ministry experienced a major data breach and exposed 1.3 million users’ electronic health alert card or eHAC personal information.
VpnMentor’s data breach summary broke down the various types of data exposed, which is related to Covid-19 test data as follows.
- Passenger ID and type (including domestic and international travelers)
- Hospital ID
- Queue number while doing this test
- Reference number
- Address and time for home visit
- Test type (PCR, rapid antigen, etc.), date, and place
- Test result and date issued
- eHAC document ID
Data from 226 hospitals and clinics in Indonesia was also exposed:
- Hospital details (ID, name, country, license number, address and exact location (with coordinates), phone and WhatsApp number, opening hours)
- Name of the responsible person for the passenger
- Name of the passenger’s doctor
- Hospital capacity
- Allowed test types in the hospital
- Information about how many tests were done each day
- Which type of passengers are allowed in this hospital
Read: eHAC App Data Breach Allegedly Exposes Over 1 Million People
BANGKIT ADHI WIGUNA | VPNMENTOR